Revised by Patrick Diamitani and Grok 3 Co-Pilot. Originally from AWS re/Start Lab: Module 11 | Introduction to Amazon EC2 | Cloud Foundations | Download Guide

Overview

In this guide, you’ll learn how to launch and manage an Amazon EC2 (Elastic Compute Cloud) instance to host a simple web server. Amazon EC2 provides scalable, on-demand compute capacity in the cloud, making it ideal for hosting websites, applications, or development environments. By the end, you’ll have a running web server, understand how to monitor and resize it, and know how to troubleshoot common issues—all while following AWS best practices.

This setup introduces key EC2 features like termination protection, security groups, and instance resizing, giving you a solid foundation for real-world cloud deployments. Whether you’re a beginner or looking to refine your AWS skills, this guide offers clear, actionable steps and practical use cases.

---

Prerequisites

Before starting, ensure you have:

• An AWS Account: Sign up at aws.amazon.com if you don’t have one.
• Basic AWS Permissions: Your IAM user/role needs permissions for EC2, VPC, and CloudWatch (e.g., AmazonEC2FullAccess).
• Tools:
  • AWS Management Console access (web browser).
  • Optional: AWS CLI installed (installation guide) or Terraform for Infrastructure as Code (IaC).
• Knowledge: Familiarity with basic cloud concepts (e.g., virtual machines, networking) is helpful but not required.

---

Step-by-Step Guide

Step 1: Launch Your EC2 Instance

What You’re Doing: You’ll create an EC2 instance (a virtual server) with termination protection and a script to install a web server. Termination protection prevents accidental deletion, ensuring your instance stays safe.

1. Access the EC2 Dashboard:
   • Log in to the AWS Management Console.
   • From the Services menu, select EC2.
   • Click Launch Instance > Launch Instance.
2. Name Your Instance:
   • In the Name and tags section, enter Web-Server.
   • Why: Tags help you identify resources in AWS, especially when managing multiple instances.
3. Choose an AMI:
   • Under Application and OS Images, select Amazon Linux 2 AMI (default).
   • Why: AMIs are pre-configured templates with an OS and software. Amazon Linux 2 is lightweight and optimized for AWS.
4. Select an Instance Type:
   • Choose t3.micro (2 vCPUs, 1 GiB memory).
   • Why: This free-tier-eligible type is cost-effective for learning and small workloads.
5. Skip Key Pair (Optional):
   • Select Proceed without a key pair.
   • Why: We won’t SSH into the instance for this guide, but in production, you’d create a key pair for secure access.
6. Configure Network Settings:
   • Click Edit in the Network settings section.
   • Set VPC to your default VPC (or Lab VPC if specified).
   • Create a new security group:
     • Name: Web-Server-SG.
     • Description: Security group for web server.
   • Remove the default SSH rule (port 22).
   • Why: Security groups act as firewalls. We’ll add HTTP access later.
7. Add Storage:
   • Keep the default 8 GiB gp2 (General Purpose SSD) volume.
   • Why: This is the root volume where the OS and web server files reside.
8. Enable Termination Protection:
   • Expand Advanced details.
   • Set Termination protection to Enable.
   • Why: Prevents accidental termination, critical for production environments.
9. Add User Data:

In the User data box, paste:
bash
#!/bin/bash

yum -y install httpd

systemctl enable httpd

systemctl start httpd

10. Launch the Instance:
    • Click Launch Instance.
    • Go to View Instances and wait for the Instance State to show Running and Status Checks to pass (2/2).

• echo ‘<html><h1>Hello From Your Web Server!</h1></html>’ > /var/www/html/index.html
  
• Why: This script runs on instance launch, installing and starting an Apache web server with a simple webpage.

CLI Alternative:

bash

aws ec2 run-instances –image-id ami-0c55b159cbfafe1f0 –instance-type t3.micro –user-data file://user-data.sh –tag-specifications ‘ResourceType=instance,Tags=[{Key=Name,Value=Web-Server}]’ –block-device-mappings ‘[{“DeviceName”:”/dev/xvda”,”Ebs”:{“VolumeSize”:8}}]’ –no-key-name –instance-initiated-shutdown-behavior stop

---

Step 2: Monitor Your Instance

What You’re Doing: Monitoring ensures your instance is healthy and performing well.

1. Check Status:
   • Select your instance, go to the Status Checks tab.
   • Confirm System reachability and Instance reachability pass.
   • Why: These automated checks detect hardware or software issues.
2. View CloudWatch Metrics:
   • Switch to the Monitoring tab.
   • Check CPU utilization or network traffic graphs.
   • Why: CloudWatch collects metrics to help you track performance and set alarms.
3. Take a Screenshot:
   • From the Actions menu, select Monitor and troubleshoot > Get Instance Screenshot.
   • Why: Useful for debugging if you can’t connect to the instance.

---

Step 3: Enable Web Access

What You’re Doing: Update the security group to allow HTTP traffic so users can access your web server.

1. Copy Public IP:
   • From the instance Details tab, copy the Public IPv4 address.
   • Test it in a browser (it won’t work yet).
2. Update Security Group:
   • Go to Security Groups in the left menu.
   • Select Web-Server-SG.
   • In Inbound rules, click Edit inbound rules.
   • Add a rule:
     • Type: HTTP
     • Protocol: TCP
     • Port: 80
     • Source: Anywhere-IPv4 (0.0.0.0/0).
   • Save the rule.
   • Why: This opens port 80 for web traffic while keeping other ports secure.
3. Test the Web Server:
   • Refresh the browser tab with your public IP. You should see “Hello From Your Web Server!”

Terraform Option:

hcl

resource “aws_security_group” “web_sg” {

  name        = “Web-Server-SG”

  description = “Security group for web server”

  vpc_id      = “vpc-12345678”

  ingress {

    from_port   = 80

    to_port     = 80

    protocol    = “tcp”

    cidr_blocks = [“0.0.0.0/0”]

  }

}

---

Step 4: Resize Your Instance

What You’re Doing: Scale your instance and storage to handle increased demand.

1. Stop the Instance:
   • Go to Instances, select your instance.
   • Choose Instance state > Stop instance.
   • Wait for Stopped status.
   • Why: You can’t resize a running instance.
2. Change Instance Type:
   • From Actions, select Instance settings > Change instance type.
   • Set to t3.small (2 vCPUs, 2 GiB memory).
   • Click Apply.
   • Why: More resources improve performance for heavier workloads.
3. Resize EBS Volume:
   • Go to Volumes under Elastic Block Store.
   • Select the 8 GiB volume, then Actions > Modify Volume.
   • Increase to 10 GiB and confirm.
   • Why: Extra storage supports growing data needs.
4. Restart the Instance:
   • Back in Instances, select Instance state > Start instance.
   • Test the IP again to confirm the web server is still accessible.

---

Step 5: Test Termination Protection

What You’re Doing: Verify that termination protection works and then safely delete the instance.

1. Attempt Termination:
   • Select your instance, go to Instance state > Terminate instance.
   • You’ll see an error due to termination protection.
   • Why: This safety feature prevents accidental loss of critical instances.
2. Disable Protection:
   • From Actions, select Instance settings > Change termination protection.
   • Uncheck Enable and save.
   • Terminate the instance again—it will succeed this time.

---

Real-World Use Cases

This EC2 setup is a building block for many scenarios:

• Small Business Website: Host a static site or WordPress blog with minimal cost using t3.micro.
• Development Environment: Test applications in a sandbox, resizing as needed for performance.
• Auto-Scaling Foundation: Add an Auto Scaling Group and Load Balancer to handle traffic spikes (e.g., e-commerce sales).
• Learning Platform: Experiment with CI/CD pipelines or containerization (e.g., Docker) on EC2.

To extend this:

• Attach an Elastic IP for a static address.
• Use an Application Load Balancer for high availability.
• Integrate with RDS for a database-backed app.

---

Troubleshooting

Here are common issues and fixes:

1. Web Server Not Accessible:
   • Cause: Security group lacks HTTP rule.
   • Fix: Add port 80 (HTTP) to inbound rules (see Step 3).
   • Tool: Check CloudWatch logs or instance screenshot.
2. Instance Won’t Start:
   • Cause: Insufficient permissions or resource limits.
   • Fix: Verify IAM permissions and ensure t3.micro is available in your region.
3. Termination Fails:
   • Cause: Termination protection is enabled.
   • Fix: Disable it via Instance settings (Step 5).
4. User Data Script Fails:
   • Cause: Syntax error or permissions issue.
   • Fix: Check the script in /var/log/cloud-init-output.log (requires SSH access in a real setup).
5. Performance Issues:
   • Cause: Instance type too small.
   • Fix: Resize to t3.small or larger (Step 4).

For deeper debugging, use CloudWatch Metrics or EC2 Status Checks.

---

Conclusion & Best Practices

You’ve successfully launched, monitored, scaled, and terminated an EC2 instance hosting a web server! Key takeaways:

• Use security groups to control traffic securely.
• Enable termination protection for critical instances.
• Monitor with CloudWatch to catch issues early.

Best Practices:

• Tag all resources (e.g., Name=Web-Server) for organization.
• Use IAM roles instead of key pairs for secure access.
• Automate setups with Terraform or AWS CloudFormation for repeatability.

Now, experiment with adding a domain name via Route 53 or scaling with Auto Scaling—your AWS journey is just beginning!